Someone raised an interesting point in a comment to yesterday’s blog about Symantec’s own PIFTS.EXE being flagged by their own firewall as...
I recently had the fantastic opportunity to participate on a panel discussion concerning cyber security. The event was hosted by the Bellevue...
As Valentine’s Day is approaching the criminals behind Win32/Waledac have increased their activity. The Valentine campaign started some time ago but the...
Back in January I blogged about a shortcoming of HIPAA. HIPAA legislation is, in part, supposed to help protect our privacy when...
Here at ESET we have just released our Global ThreatTrends report for January 2009. Not surprisingly, at the top of the list...
Well, this actually isn’t a lie, but a lot of what you read on the web are lies designed to steal money...
…no promise of chicks for free, but I did get spam this morning offering me a “Free-Trial kit” for some scheme for...
You may have noticed that I’ve been making a lot of references to this over the past few weeks. You can now...
Today is inauguration day in the USA. As I traveled to many countries late last year I was amazed at how joyous...
The top ten (twenty, twenty-five…) season doesn’t seem to have finished yet: the latest to cross my radar was something like seven...
You might have noticed that Conficker (Downadup) is actually standing up rather well to all the attention it’s receiving at the moment....
CNN reported that there a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html There is nothing sleepy about the Conficker worm, it is wide...
One of the security best practices is to back up your data regularly. This is sound advice as it helps mitigate the...
There are different techniques that can be used by a program to identify in which country it has been installed. It can...
This is bizarre, if slightly nostalgic. I spent a lot of time in the first half of this decade writing and presenting...
Many people in the US associate HIPAA with the rules required to protect medical data. It actually is a lot more than...
I know, the Twitter hack is old news, but poor passwords are still common. It is a pity because it really is...
Nigel Morris, of the UK’s “Independent” newspaper reported recently on new powers given to police in the UK and proposals to extend...
And finally… Don’t use cracked/pirated software! These are easy avenues for introducing malware into, or exploiting weaknesses in, a system. This also...
It occurs to me that I should make it clear that this “top ten” isn’t in any particular order. Like the other...
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Bogus npm Packages Used to Trick Software Developers into Installing Malware
New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
Network Threats: A Step-by-Step Attack Demonstration
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks